TOR Names Shari Steele as New Director

Tor is Looking to Diversify its Funding and Avoid Government Sources:

Tor1

The TOR project will now be led by a former Electronic Frontier Foundation executive director.  During the 2016 presidential campaign, anonymity and encryption has been at the front of many of the debates.  France itself was considering banning TOR from its country after the attacks.  Read more about what TOR is and how it can benefit the lay user here.

Shari Steele, former EFF executive director, was selected because of her experience in growing non-profits.  Roger Dingledine, TOR’s temporary executive director stated that she “will be especially valuable as we continue our campaign to diversify our funding sources”.  Read more about the transition in this blog post.

Shari-steele

Shari Steele climbed up the corporate ladder at EFF by starting as a staff attorney, then onto legal director and finally as executive director.  Her 20 years of experience will prove valuable for the anonymity company.

TOR originally started with the U.S. Naval Research Laboratory and is now a nonprofit company.  Fortunately, the nonprofit has had several wealthy donors like Radio free Asia.

In a post on their website, TOR stated that it would prefer to move away from government sources as their primary income.  Hopefully with funding the TOR project can become faster, and more secure.  I also feel a lot better knowing that the non-profit organization will have less ties with the government.  This will help prevent future back-doors and compromises.

ITOR3

f you’d like to try out TOR, take a look at our guide on how to set it up for the very first time on your windows machine.  It’s easier than you think.

TOR makes it hard, although not impossible, to find a user’s real IP address.  This can help protect your anonymity while browsing online.  It should be noted that the government and other hacking organizations have found workarounds, some involving your browser’s cache.

Hopefully Steele can take TOR in a wonderful direction, avoiding government back doors, and government funding.

Share your comments on this latest announcement below in the comments.

 

Vuvuzela more secure than TOR?

vuvuzela2

The fight with data encryption continues as researchers at MIT CSAIL (Computer Science and Artificial Intelligence Laboratory) create a new messaging application that works similar to internet darling TOR.

Vuvuzela was named after the plastic horn used at FIFA football World cup finals in 2010 in South Africa.  (Man those horns were annoying).  The software itself is still in infancy, but many scientists are intrigued by its method of encrypting data.

TOR hides messages like an onion, using several different layers of encryption and sending users through random servers on the internet.  Vuvuzela on the other hand takes a different approach, it uses less encryption but more false traffic.

vuvuzela1

The program takes messages that it receives from a sender then stores it inside a memory address on one of its servers (a mailbox).

Before it decides to store the content, the messages goes through an array of several different servers, that happen to send out false traffic to all of the users on the network.

The Vevuzela server then notifies the recipient that there is a message waiting for them.  When the user goes to read the message, they have to go through several mailboxes to get the message’s location.  Each time a connection is made through one of theses mailboxes by the recipient looking for the message, each of the servers sends out false network packets to the network.

With all of the dummy traffic, and with senders and receivers moving past their destinations to create even more dummy traffic after they have sent or obtained the actual message, you can just imagine how difficult it would be for a hacker to figure out who is talking to each other.

With so much fake traffic, and with senders and recipients moving past their destinations to intentionally create even more fake traffic after they’ve left or retrieved the actual message, you can only imagine how much data an attacker would have to sniff out before getting a clue of who’s talking to whom.

vuvuzela3

It takes about 45 seconds to send a message:

After simulating Vuvuzela for 1 million users with Amazon’s server, it showed that most messages had a lag of about 45 seconds.  That is large lag for texting, but with email not being exactly instant, I think people will be able to get used to the lag.  The researchers also promise a faster communication time as they work the kinks out of their code.

To read more about the technical aspect of Vuvuzela, checkout the research paper:

Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis  Jelle van den Hooff, David Lazar, Matei Zaharia, and Nickolai Zeldovich.

Do you use encrypted messaging applications?  How have they worked for you?  Do you experience any lag?  Answer in the comments below.

Dirtbox Phone Call Snooping in San Bernardino

TURNAGAIN, ANCHORAGE, ALASKA, UNITED STATES - 2009/06/18: Small airplane in flight. (Photo by John Greim/LightRocket via Getty Images)

Right after the tragic attacks that took place in San Bernardino federal investigators launched a spy plane over the area to see if they could find accomplices.   The plane circled above the area in hopes of finding out extra information.  It is said that the aircraft most likely had dirtbox technology that can scan hundreds of phones to obtain clues into the investigation.

More about Dirtbox technology:

dirtbox

  1. Any plane with a dirtbox cellphone device can scan multiple cellphones looking for a subject.
  2. Other cellphones that are not targeted are released as the dirtbox gathers more information on the target.
  3. The plane continues to move and gather signal strength.
  4. The end result is that the plane can identify the perpetrator from within 3 meters.  The police can then come in and arrest them.

Could this mean that there were other suspects involved with the San Bernardino attacks?  Or was the plane just launched to scan through myriad phone calls to find suspicious activity?

Sofrep initially broke the news by saying that the use of the spy plane showed that law enforcement was ‘actively searching for other members of a terrorist cell.’

According to Sofrep, the Pilatus PC-12 was used for the cell phone snooping.  This is similar to the aircraft sent by the military to missions in Africa.

Sofrep also revealed a map of the flight path for the aircraft which demonstrated that it made numerous circles over the area around Farook’s home in San Bernardino.

Does it make you feel safer to know that the government can deploy aircraft’s to listen in on conversation?  Or is this a violation of privacy?  Should crafts like this only be used in the case of a terrorist attack or should dirtbox deployments be common place for the common good?  Weigh in below with your comments.  We would love to hear from you..

Top Ways to Program an App

program1

1. Gigster

There’s a new way to make mobile apps in town, it’s called Gigster.  Just send them an idea for your app, and they send an app back.  No need to hire coders, grab freelancers, or learn complicated programming languages.

Their developers will turn your proposal into a plan, then their remote developers will build your application.  They’ve already created a clever dating app for religious millennials and has over 50 more projects in the works. To date, they already have 1 million in sales.

They charge a flat rate fee instead of an hourly rate.

Cons: One major downside is that Gigster technically owns the code they make for you, and they lease it to you.

2. Freelancers:

program2

elance.com and freelancer.com are great places to grab talent for creating your next app.  You can usually get a great price.  Freelancers are eager to impress so they can obtain good ratings.

Cons:  Sometimes it may be difficult to communicate with freelancers, as they are at times swamped with other jobs or may not be proficient in the English language.

3. Students:

program3

Check your local community college/university.  A lot of times students are looking for side projects/income.  If you belong to a reputable business, sometimes colleges will offer student coders for your project at a discount price.  Check with their computer science department

Cons: At some colleges it may take the full semester/quarter to produce a finished result.  Coding could prove to be elementary and bug prone.

4. Hire local developers

program4

Check craigslist.  You’d be surprised how much local talent there is for developing your code.  Keeping things local can make it easier to have face-to-face meetings, keep deadlines and work in local currency/time zones.

5. Learn how to program

program5

Over the years, it has surprised me how much easier it is getting to program.  I remember learning in basic back in the 80s.  We’ve come a long way.  Swift, Java and .net are a lot of fun to learn.  With several tutorials online you can even use your new skills to make some extra side money after you’ve developed your own app.

 

 

France Will Not Ban TOR or Wi-Fi

TOR1

If you are a frequent Bapgo reader, you will remember that a few days ago it came out that France was looking to restrict TOR indefinitely and Public Wi-Fi during a state of emergency.  Today it was revealed that despite requests from police, France will not restrict the TOR network or public WiFi.

Prime Minister Manual Valls stated, “a ban on WiFi is not a course of action envisaged” by the government.

Tor2

After the shocking attack in Paris Le Monde (the world), reported an internal law enforcement document asking to inhibit freedom of public Internet during a crisis as a way to trample terrorism.

The “Internet is a freedom, is an extraordinary means of communication between people, it is a benefit to the economy,” Valls concluded.

The world continues to watch as the French government seeks a solution.  Leaders in the European Union and the United States are seeking to compromise encryption and private communication.

Tor3

On Wednesday, Sen. Dianne Feinstein promised to find a way to compromise encryption.  Fortunately there is not a law that requires a backdoor on encryption, however, depending on the type of encryption used, there may be a backdoor that hackers can compromise.  So, if a hacker can gain access to encryption it follows that the government could potentially have access as well.

Encryption makes the internet a safer place.  Safer for e-commerce, bank activity, stock trading and communication.  I agree with Prime Minister Valls, Freedom on the internet does encourage the economy. Time will tell if Sen. Dianne Feinstein will be successful in her endeavor.

Take a look at Bapgo’s article on how to easily encrypt your hard drive on a Windows machine.

How do you use encryption on a daily basis?  Have you ever been caught in a situation where you wish you had encrypted your data?  Share your experiences in the comments below.

 

Super Secure Android Phone

granitephone1

Is your phone secure?  There is always the possibility that your phone has a backdoor.  Even if the phone is encrypted the government or businesses may have a key.  One reason BlackBerry was so popular a decade ago was because the Canadian company promised increased security.

GranitePhone by Sikur runs a forked version of the Android operating system called GraniteOS.  It’s easy to navigate like an Android phone and you can make secure encrypted voice calls and chat messages.  There is also limited e-mail functionality.  The phone lacks an app store and the majority of other popular apps that are normally thought of when using a mobile phone.  This was done intentionally.  Sikur is looking to make a phone that is private and secure.  Sometimes third party apps can open a backdoor and cause issues.

The Granite phone is not intended for the average smartphone user.  This phone is meant for financial institutions, government, and large corporations.   It will be tricky to persuade would-be users to use the GranitePhone over the competition.

 

granitephone3

Device Specifications:

  • 5-inch 1080p screen
  • Qualcomm Snapdragon 615 processor
  • 2GB Ram
  • 16GB storage
  • 16-megapixel back camera
  • 8-megapixel front facing camera
  • 2700mAh Battery (non-replaceable)

granitephone2

Why pick GranitePhone?

There is a lot of competition out there for a secure phone.  Sikur says that one thing that makes the standout is the ability to install on-site data servers to allow the data going to and from the granitephone to be stored locally.  Currently that option is not available on Blackberry.

Encrypted communications can also be accessed on through their desktop application adding a bit of convenience.

Future of GranitePhone:

Approved secure applications may be available in the future, as well as secure video calling, a feature that is already present in the desktop version.

I think it’s wonderful that so many secure options are becoming available for smartphone users.  I think all too often people do not place an emphasis on increasing hardware security.

Have you used a secure smartphone? Let us know your experience in the comments below.

Donald Trump Wants to Restrict Internet

trump1

Just after Donald Trump revealed his plans to ban Muslims from entering the United States, the presidential hopeful stated that the US should consider “closing the Internet up in some way” to fight ISIS terrorists online.

Trump made fun of anyone that would reject his plan stating “these are foolish people, we have a lot of foolish people”.

As a quick solution he stated “we have to go see Bill Gates” to better understand the Internet and then possibly “close it up”.

Donald continues to stir the pot by saying “we’re losing a lot of people because of the Internet”.

trump3

Hillary Clinton Reveals Plan for Internet:

The Internet is a hot button issue for the election next year.  Hillary Clinton requested that tech companies “deny online space” to terrorists.

To rationalize away the first amendment she stated “we’re going to hear all the usual complaints.  You know, freedom of speech, etc… But if we truly are in a war against terrorism and we are truly looking for ways to shut off their funding, shut off the flow of foreign fighters, then we’ve got to shut off their means of communicating. It’s more complicated with some of what they do on encrypted apps, and I’m well aware of that, and that requires even more thinking about how to do it.”

Encrypted apps can be used for good.  Read my article about setting up an encrypted messenger on your Windows machine.

trump2

President Obama’s Plan:

President Obama also chimed in on Sunday night urging “high-tech and law enforcement leaders to make it harder to use technology to escape from justice”.

I agree that there needs to by cyber vigilance to combat terrorism.  However, limiting freedoms and regulating the internet may not be the best solution to this ongoing problem.

What are some ways we could overcome cyber warfare without compromising our rights?  Please share in the comments below.

France Aims to Block TOR and Restrict Public WIFI

bannedfran  

TOR and Public WIFI may be blocked to Contain Terrorism

A French newspaper Le Monde reported that the government of France is considering new legislation that could sensor internet users.  This includes banning TOR and public WIFI.

Banning Public Wi-Fi in State of Emergency:

bannedwifi

The first law would ban people from sharing Wi-Fi connections during a state of emergency.  The rational is that it is difficult to track individuals who use public Wi-Fi networks, as opposed to cellular networks.

The problem with this solution, is that would-be terrorists could access the internet from another myriad of ways.  Adhoc connections, satellite internet connections, private network connects etc…

Banning TOR from France:

bannedtor

TOR is an acronym derived from The Onion Router.  TOR directs internet traffic through a free, worldwide, volunteer network consisting of more than 6 thousand relays to conceal a user’s location and usage from anyone conducting network surveillance.  Basically it allows people to browse and communicate over the internet anonymously.

If you would like information on how to setup the Onion Network easily on your windows machine, checkout my article that I wrote here.

The Onion Network can make it difficult for authorities to trace Internet activity back to the user.  TOR users can make anonymous visits to websites, online posts, instant messages and other communication forums without being tracked.

TOR’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.  Many people think that TOR is intended for criminals only.  I tend to disagree.  Checkout my post about the top people that should use the Onion Network.  Spoiler alert: It’s not terrorists.

If France were to try to ban the Onion Router, it wouldn’t solve their problem.  There are other sneaky ways to logon to the TOR network.  A VPN could be used remotely.  Would-be terrorists could also still access the Onion Network outside of the country.

While I applaud France for being proactive on the war against terrorism, I doubt their methodology to be effective.

Secure Messaging App Signal Launches Desktop Version

signal4

Signal Desktop App:

Text messages, Facebook Messenger, Yahoo Messenger, Whatsapp etc… all have a major flaw: A backdoor.

It’s no secret that the government can easily access our communications, in some cases, without a warrant.  Here is an article I wrote about the IRS accessing telephone information.  The NSA has also been known to traverse through phone records.

signal1

Signal, a private messaging app alternative, has just launched a desktop version of their application which can run through Google’s Chrome browser.  Many privacy advocates use this as their primary messaging service, including Edward Snowden.

If you are an Android user, you are in luck.   You will be able to link your Android account to the desktop version for seamless messaging.  iOS linking is forthcoming.

The linking service with Android devices will allow you to have all your contacts and chat-logs from your Android app loaded into PCs.

signal2

Mobile Version:

If you are using the mobile app you may need to be careful with your data plan.  Signal uses a data connection to send encrypted SMS messages, so SMS traffic will count against your carrier data cap.

With recent current events, many governments are calling for a ban on end-to-end encryption.  They claim that encrypted data gives terrorists and criminals an opportunity to conspire worry-free.  Here is an article I wrote about why some people may prefer private communication even if they aren’t a criminal.

There are almost ten thousand people waiting for this desktop beta of Signal.  Head over to their website today to get in line.

Have you had a chance to use encrypted messaging?  Has it been a positive experience?  Let us know in the comments below.

Google’s Cheap Virtual Reality

Cheap Virtual Reality By Google

cardboard1

About a week ago, I did a review of Samsung’s Gear VR, a great way to get into virtual reality with your Samsung phone for a hundred bucks.

What if I told you that you could immerse yourself in virtual reality for an even cheaper price?  For just under 25 dollars you can get Google Cardboard.  Basically, it’s cardboard that wraps around your device, and allows most smartphones to view virtual reality content.

Once you have Google Cardboard, you can explore a ton of apps that unfold all around you.  The site boasts that you can “visit new places, play immersive games, fly through space and more”.

So What Kind of Apps are Available?

cardboard2

You can immerse yourself in a Paul McCartney concert, layout on a tropical beach and jump into the inner workings of the body.  At this point, there are several free Apps available.

 

New App for Creating Virtual reality Scenes

cardboard3

On Thursday, Google released a new virtual-reality camera app.  The app lets you take a three dimensional panoramic photo that you can view in Google Cardboard.

Simply place your phone into the cardboard headset, and put it up to your eyes.  You can then look at the entire scene as if you are there.  Look around and behind you.  Unfortunately, you cannot look up or down at the moment.  Google is still working out the kinks.

Mike Podwal, a product manager for Google stated, “It’s a really powerful way to understand a moment in time”.

Imagine capturing an important moment in your life in virtual reality.  Maybe a wedding kiss, a birthday party, a graduation or retirement.  You could look all around the room, and see friends and loved ones in a three dimensional view.  The next step of course would be to capture three dimensional immersive video.  This would most likely require something a little more complicated than your smartphone’s camera.  I think this is a great start to capturing in depth moments.

cardboard4

Virtual reality seems to be the darling for silicon Valley in 2015.  Facebook with Occulus Rift, Samsung with the Gear VR and  Sony with Project Morpheus.  This new app for capturing a 3D moment is just the beginning.

Imagine taking a trip to the louvre in Paris while in your living room.  Perhaps we will get to the point where you could visit your doctor in three dimensions.

Cardboard is a great cheap option with its units costing just under $25. The headset isn’t manufactured by google itself, but is available through their website.

Have you had the chance to try out the new Google Cardboard?  What did you think of it?  Leave your comments below.